A: Visual IP Trace is designed solely for security uses such as tracing hackers to their location, investigating web sites, and reporting Internet abusers. While VisualRoute is often used for security purposes as well, it was originally designed to analyze Internet connectivity and includes network diagnostic information that is frequently not of interest for security users. VisualRoute is available in the network monitoring product section, with new editions available for advanced network troubleshooting and support.

Q: How do I report a hacker?

A: Internet abuse should be reported to the network owner (ISP) that provides Internet service for the offender. The network owner and the abuse reporting contact information is provided in the identification report. To use the automated reporting option, right-click on the Visualware logo in the Windows system tray (normally at the right side of the Windows task bar), and select the 'Abuse Reporting' menu option.

Q: Why is the domain owner important?

A: A domain is the name registered by a company, organization or individual that is used for web site or email addresses, such as 'visualware.com. Domain names consist of one or more parts separated by periods. The right-most part, or top-level domain (e.g. '.com, .edu, .biz' and two-letter country specific domains) provides information about the type of organization and the country location of the
domain.

The last 2 or 3 sections (e.g. 'visualware.com, visualware.co.uk') represent the domain that has been registered, and is used to report the contact information for the entity that registered the domain. The domain registration provides details about who has registered a web site address, helpful information for verifying a web site owner.

Q: Why is the network owner important?

A: The network owner, or ISP, providing Internet access for an IP address or web site, is the company responsible for reviewing and taking action on abuse reports. In addition,
ISPs are normally located in the same area or region as their users, so the location of the network provider is often a good estimation of the end-user location.

Q: Why do the Internet applications running at the destination matter?

A: The type of applications running on a target system is useful information for investigating IP addresses or Internet hosts, as it can provide insight into the ownership and geographical location. The most common applications on the Internet are web servers (web sites), mail servers (email) and file transfer servers (file downloads). As an example, web server applications (such as www.visualware.com) are particularly useful because web pages along the lines of ‘contact us’ often exist to provide details such as names, phone numbers and other contact related information.

Q: Why is there no location information in the map or route table?

A: If no location information is shown it is most likely due to a firewall blocking access to port 43, which is used for Whois and IP location lookups. Check your firewall or with your network administrator, to open port 43 for incoming/outgoing ICMP and outgoing TCP.

Q: What does 'unknown' in the route table of the identification report mean?

A: Occasionally a router on the Internet does not respond correctly to an inbound packet. This is usually due to high traffic at the hop, but occasionally it is because the router does not conform to standards correctly. When this happens the router in question does not correctly identify itself and is indicated by 'unknown' in the route table of the identification report.

Q: What is a private network?

A: Private networks incorporate IP addresses that are reserved for internal use of a company or organization. The route table of the identification report will not show the geographical location for any hops on a private use network as they use pseudo IP addresses.

Q: Why are database updates important?

A: With Internet changes, encompassing new networks, extensions to old networks, new routers, new IP devices and new user's, happening every minute any IP-to-location database rapidly loses value as the results become more inaccurate with passing time. It is therefore important that any IP geo-location database is updated and maintained on a regular basis. Many of the network changes will affect IP ownership details including the important contact information for IP addresses and Domains. Maintaining up-to-date IP network information ensures that tracked locations are more precise and helps to further qualify the ownership and accuracy of the final location being tracked.

Need a step-by-step guide?

Some features and techniques in Visual IP Trace require step-by-step walkthroughs to make them easier to understand....